FYI... lostmon says he's a data mangler for OSVDB... any inside scoop
from the OSVDB people?
- Steve
---------- Forwarded message ----------
Date: Tue, 31 May 2005 18:59:51 -0400 (EDT)
From: Steven M. Christey <coley at mitre.org>
To: lostmon at gmail.com
Subject: Question on BookReview vulns
Hello Lostmon,
I am the editor of the CVE List.
I have a question on your BookReview vulnerability report.
You say that the vendor URL is http://www.readersunite.com, but that
is just an online book store for Christian books.
However, I cannot find information on the "BookReview" software on
that site.
Google search suggests that there is a product called "BookReview" by
somebody named W.M.R. Simpson, apparently a Christian software
developer. His URL is at http://www.justwilliams.com/.
However, I can't find any information on "BookReview" on that site,
either.
Can "BookReview" be downloaded and used by other people? If so, do
you know where that information is?
I am asking because it seems like "BookReview" is custom software for
live web site, but it is not generally available to the public, and
CVE only covers vulnerabilities in publicly available software.
Thank you,
Steve Christey
CVE Editor